• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.6
• /
• pp.1818-1832
• /
• 2022

Violence in the Internet era poses a new challenge to the current counter-riot work, and according to research and analysis, most of the violent incidents occurring are related to the dissemination of violence images. The use of the popular deep learning neural network to automatically analyze the massive amount of images on the Internet has become one of the important tools in the current counter-violence work. This paper focuses on the use of transfer learning techniques and the introduction of an attention mechanism to the residual network (ResNet) model for the classification and identification of violence images. Firstly, the feature elements of the violence images are identified and a targeted dataset is constructed; secondly, due to the small number of positive samples of violence images, pre-training and attention mechanisms are introduced to suggest improvements to the traditional residual network; finally, the improved model is trained and tested on the constructed dedicated dataset. The research results show that the improved network model can quickly and accurately identify violence images with an average accuracy rate of 92.20%, thus effectively reducing the cost of manual identification and providing decision support for combating rebel organization activities.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.4
• /
• pp.77-89
• /
• 2009

As the awareness on the information security has been well developed, there have been various studies on effective training and management of the information security workforce. But, one of the most important things for the effective training is to develop education programs based on knowledge and skills requirements for information security professionals. This study aims to analyze the required and possessed levels of knowledge and skills for information security professionals' career. For this study, we selected 71 critical knowledge and skills for information security professionals by literature review and Delphi method, and we conducted a survey of information security knowledge and skills requirements for information security professionals to perform their jobs. As a result, we analyzed the current status of the information security professionals' knowledge and skills level and suggested some guidelines for educating information security professionals by their job career.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.4
• /
• pp.951-962
• /
• 2018

In order to strengthen the information security of the organization, it is important to invest in the information security facility, but the information security awareness of the organization members is also very important. Effective education is needed to raise awareness of this information security. However, the method of collective education utilized by most organizations is not very effective. Educational methods using serious games can be a good alternative. Educational methods using serious games have already proved effective through various cases and researches and are used in many fields. In this paper, we design and implement a game program to improve the awareness of individual information security policy importance. The training was conducted for the members of the organization and the change of awareness about the importance of individual information security policy was examined through analysis of evaluation data before and after the training.

• Asia pacific journal of information systems
• /
• v.15 no.1
• /
• pp.115-133
• /
• 2005

This study is to develop an information security management model(ISMM) for small and medium sized enterprises(SMEs). Based on extensive literature review, a five-pillar twelve-component reference ISMM is developed. The five pillars of SME's information security are: centralized decision making, ease of management, flexibility, agility and expandability. Twelve components are: scope & organization, security policy, resource assessment, risk assessment, implementation planning, control development, awareness training, monitoring, change management, auditing, maintenance and accident management. Subsequent survey designed and administered to expose experts' perception on the importance of these twelve components revealed that five out of tweleve components require relatively immediate attention than others, especially in SME's context. These five components are: scope and organization, resource assessment, auditing, change management, and incident management. Other seven components are policy, risk assessment, implementation planning, control development, awareness training, monitoring, and maintenance. It seems that resource limitation of SMEs directs their attention to ISMM activities that may not require a lot of resources. On the basis of these findings, a three-phase approach is developed and proposed here as an SME ISMM. Three phases are (1) foundation and promotion, (2) management and expansion, and (3) maturity. Implications of the model are discussed and suggestions are made for further research.

• Journal of Information Processing Systems
• /
• v.17 no.3
• /
• pp.571-585
• /
• 2021

Applications for object detection are expanding as it is automated through artificial intelligence-based processing, such as deep learning, on a large volume of images and videos. High dependence on training data and a non-transparent way to find answers are the common characteristics of deep learning. Attacks on training data and training models have emerged, which are closely related to the nature of deep learning. Privacy, integrity, and robustness for the extracted information are important security issues because deep learning enables object recognition in images and videos. This paper summarizes the security issues that need to be addressed for future applications and analyzes the state-of-the-art security studies related to robustness, privacy, and integrity of object detection for images and videos.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.2
• /
• pp.489-499
• /
• 2016

Nowadays the importance of information security has been increased because there are many benefits and threats like information leakage caused by rapid growth of information technology. It is important to apply technical solution, however enhancing security capability is more important to respond evolving security threats. Information security education is one of typical way to enhance security capability and there are various efforts at the dimension of nation, company and academic community. However it is required to analyze previous research until now and derive future research direction for long-term development plan. In this study, we analyzed a publication status about 177 papers related to information security, training and awareness from 4 foreign journals and 2 Korean journals. Additionally, we analyzed in detail about 70 papers related to information security education. As a result, the most part of study is about curriculum, and in the future, it is required to expand educational area as well as study about effectiveness measurement of information security education by experimental research.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.5
• /
• pp.1335-1348
• /
• 2016

Smart factory of Manufacturing sector is rapidly spreading, globally. In case of domestic, it is on going based on KOSF. It is neither lack of invest nor security of information due to it has been spread from manufacturing sector. Hence, that's very difficult to efficiency prevent from new type of intimidation and security accident happened sometimes from this situation. According to research information security condition with recognized new menace, there is a most efficient way is provide education of information security without any extra budget to safely spread smart factory. Thus, this study of research has developed security awareness training curriculum from international standard, requirement of the industry, and curriculum of educational institution based on NCS (National Competency Standard). It is be very helpful to spread smart factory safely due to expert group has been test of validity.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.8
• /
• pp.39-45
• /
• 2020

Despite the increasing interest in cyber security in recent years, the emergence of new technologies has led to a shortage of professional personnel to efficiently perform the cyber security. Although various methods such as cyber rage are being used to cultivate cyber security experts, there are problems of limitation of virtual training system, scenario-based practice content development and operation, unit content-oriented development, and lack of consideration of learner level. In this paper, we develop a fuzzy rule-based user-customized training scenario automatic generation system for improving user's ability to respond to infringement. The proposed system creates and provides scenarios based on advanced persistent threats according to fuzzy rules. Thus, the proposed system can improve the trainee's ability to respond to the bed through the generated scenario.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.501-511
• /
• 2018

The purpose of this study is to develop the performance evaluation indicator of information security training program for developing the next generation of top security leaders. Through literature review and focus group interview, we derived the performance areas and indicators based on the logic model. We conducted AHP(Analytic Hierarchy Process) questionnaire to calculate the weight of the derived indicators, and developed the performance indicator based on the survey results. Performance indicators were composed of 18 indicators in four main categories.

• International Journal of Computer Science & Network Security
• /
• v.22 no.1
• /
• pp.262-268
• /
• 2022

The main purpose of the study is to determine information and communication technologies for the innovative development of tourism training in higher education institutions in the context of COVID-19. Innovative development is associated with the rejection of well-known cliches, stereotypes in teaching, upbringing and personal development, creates new standards for personal-creative, individually directed tourism activities, develops pedagogical technologies implemented in this activity. As a result, the main aspects of information and communication technologies for the innovative development of tourist training in higher education institutions in the context of COVID-19 were characterized.